This invention relates to a terminal system for notifying a user of authenticity of a terminal which receives a provided service, to thereby enable the user to safely receive the provided service.
In order to increase productivity of workers, a work style referred to as teleworking in which a worker works around a location which is different from a workplace determined in advance has become widespread. In particular, more and more users such as sales persons conduct tasks referred to as mobile tasks, which mainly involve sending/receiving electronic mails and preparing documents at home, on the street, and in a car.
As this work style has become popular, the number of information leakage accidents has increased in business enterprises, and therefore a thorough information management is required. As examples of the information leakage accidents, many accidents in which a PC or an information device taken out from a company is lost or stolen, or an individually-owned PC storing personal information is stolen by a theft at home are reported. A common reason for these accidents is because media storing information are taken out from a company.
As a solution to the information leakage as described above, needs for the thin client system are increasing in enterprises. In this system, information devices such as note PCs without a storage are used to be remotely coupled to an in-house system via networks such as a mobile phone network and a public LAN, and the information itself is not taken out from the company. In this thin client system, an authentication feature is important for the coupling from the outside to the inside of the company. Conventionally, a smart card reader is coupled to a note PC or the like, and a personal smart card (such as employee ID card) or a security device is used for personal authentication, thereby permitting a coupling to the inside of the company.
On a public terminal such as a kiosk terminal installed on the street, a management status of the terminal is unknown, and it is thus hard for a user to receive a service in which information containing personal information and confidential information is handled in a safe status low in risk of information leakage and eavesdropping. Conventional technologies prevent such an illegal access that a terminal for which a user authentication is established is misused and another person spoofs the authorized user. A determination unit which determines whether or not the user authentication is established for a terminal blocks an access from the outside, thereby preventing an illegal access in which the terminal is misused and an authorized user is spoofed (see Japanese Patent Application Laid-open No. 2002-312316, for example).